CN112905493B - Structured fuzzy test method based on conversion test - Google Patents
Structured fuzzy test method based on conversion test Download PDFInfo
- Publication number
- CN112905493B CN112905493B CN202110371590.9A CN202110371590A CN112905493B CN 112905493 B CN112905493 B CN 112905493B CN 202110371590 A CN202110371590 A CN 202110371590A CN 112905493 B CN112905493 B CN 112905493B
- Authority
- CN
- China
- Prior art keywords
- test
- program
- fuzzy
- test case
- execution
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3684—Test management for test design, e.g. generating new test cases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention discloses a structured fuzzy test method based on a conversion test, which belongs to the technical field of fuzzy tests and comprises the following steps: acquiring a program to be tested, inputting the program to be tested into a test system, constructing a protocol test state machine, generating a guide sequence and a feature sequence, selecting a state sequence, generating a test case by using data, starting the program to be tested, inputting a test case command, and performing fuzzy test; the invention provides a new instrumentation strategy, when the program runs, a plurality of statement blocks only need to execute the first instruction of the statement block, all the statements behind the statement blocks can be executed, codes are fused into code blocks, the code blocks are used as basic blocks, the basic blocks are used as units when instrumentation is performed, the preparation work in the earlier stage can be reduced, the running efficiency of the program can be improved, and the method is internally provided with an automatic checking step, can carry out self-checking on the execution process of the test case, avoid the occurrence of the condition of missing detection, and ensure the testing accuracy.
Description
Technical Field
The invention belongs to the technical field of fuzzy test, and particularly relates to a structured fuzzy test method based on conversion test.
Background
Along with the rapid development of IT technology, in order to facilitate the calculation and practical application, many systems and software are developed, each system or software has different functions, different systems or software also has different technical standards and maintenance standards, when the system or software runs, if there is a design problem of itself, the situation of running error or running failure will occur, at this time, a test method is needed to effectively test the overall defect of the software or system, so that the defect can be rapidly improved, and the overall stability of the running of the software or system is ensured.
Disclosure of Invention
The invention aims at: in order to solve the problem of rapid development of IT technology, in order to facilitate calculation and practical application, many systems and software are developed, each system or software has different functions, different systems or software also have different technical standards and maintenance standards, when the systems or software are operated, if there is a design problem of the systems or software, an operation error or an operation fault can occur, at this time, a test method is needed, and a problem of effectively testing the software or the overall defect of the systems is needed, so that a structured fuzzy test method based on conversion test is proposed.
In order to achieve the above purpose, the present invention adopts the following technical scheme: a structured fuzzy test method based on conversion test comprises the following steps:
s1, acquiring a program to be tested, and inputting the program to be tested into a test system;
s2, constructing a protocol test state machine;
s3, generating a guide sequence and a characteristic sequence;
s4, selecting a state sequence;
s5, generating a test case by using the data;
s6, starting a program to be tested, inputting a test case command, and performing fuzzy test;
s7, generating a test case execution path, and observing whether an error occurs in the running process of the program;
s8, if a program error occurs, recording the test case, and if no error occurs, continuing to execute the test case;
s9, when the test case is executed, performing automatic inspection;
s10, after automatic inspection is finished, if the program runs normally and no error occurs, the program passes the test, otherwise, the program fails the test;
s11, storing and importing the input test cases into a database for quantitative analysis;
s12, analyzing the position of the error.
As a further description of the above technical solution:
in the step S2, a protocol test state machine is constructed according to the BGP-4 protocol, and a protocol document description is attached, wherein the BGP-4 protocol has six states.
As a further description of the above technical solution:
in the step S3, a test state machine is utilized to generate a guide sequence and a characteristic sequence.
As a further description of the above technical solution:
in the step S5, the test case is generated by using the obfuscator, and the types of the obfuscator can be divided into a local obfuscator and a remote obfuscator.
As a further description of the above technical solution:
in the step S6, a program to be tested is started, a test case command is input, and fuzzy tests are carried out, wherein the fuzzy tests are divided into a fuzzy test based on variation and a fuzzy test based on generation.
As a further description of the above technical solution:
in the step S7, the method for creating the execution path is to insert piles in the source code of the program, obtain an execution path of a test case according to the execution result of the program, execute the first instruction of the statement block as long as the first instruction of the statement block, execute all the statements behind the first instruction, and observe whether an error occurs in the running process of the program.
As a further description of the above technical solution:
in S8, if a program error occurs, the test case is recorded, and meanwhile, the program error position is recorded, and if no error occurs, the test case is continuously executed.
As a further description of the above technical solution:
in S9, when the test case is executed, an automatic check is performed to check whether there are other test cases that have not been executed, and if so, the test case is input again to S6 for execution.
As a further description of the above technical solution:
in the step S11, the input test cases are stored and imported into a database for quantitative analysis, wherein the database has three tables, namely a code table, a case execution information table and an exception table, and the code table is mainly used for storing source codes of programs; the case execution information table is mainly used for storing various information of case execution, including test cases, execution paths, execution results and the like; the exception table mainly stores information in each register and stack of the CUP when the program is caused to be abnormal.
As a further description of the above technical solution:
in S12, the error location is analyzed, and the suspicious degree of each statement in the error path is analyzed by using the powerful data processing capability of the database.
In summary, due to the adoption of the technical scheme, the beneficial effects of the invention are as follows:
the method is provided with an automatic checking step in the method, can perform self-checking on the execution process of the test cases, avoids the occurrence of missed checking, ensures the accuracy of the test, has the test case import and storage process and the final error analysis process in the method, can effectively store all the executed test cases so as to provide a certain basis for error analysis, and can analyze the suspicious degree of each statement in an error path, thereby judging specific error positions and reasons, being beneficial to improving the program, and having a certain detection effect and a powerful function.
Drawings
FIG. 1 is a flow chart of a structured fuzzy test method based on a transformation test.
Description of the embodiments
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Examples
Referring to fig. 1, the present invention provides a technical solution: a structured fuzzy test method based on conversion test comprises the following steps:
s1, acquiring a program to be tested, and inputting the program to be tested into a test system;
s2, constructing a protocol test state machine according to a BGP-4 protocol, and attaching a protocol document description, wherein the BGP-4 protocol has six states;
s3, generating a guide sequence and a feature sequence by using a test state machine;
s4, selecting a state sequence;
s5, generating test cases by using a fuzzifier, wherein the types of the fuzzifier can be divided into a local fuzzifier and a remote fuzzifier;
s6, starting a program to be tested, inputting a test case command, and performing fuzzy test, wherein the fuzzy test is divided into a fuzzy test based on variation and a fuzzy test based on generation;
s7, generating an execution path of the test case, observing whether an error occurs in the running process of the program, wherein the creation method of the execution path is to insert piles in the source code of the program, and obtaining the execution path of the test case according to the execution result of the program, wherein all sentences of a plurality of sentence blocks are executed as long as the first instruction of the sentence block is executed.
In this embodiment, a new instrumentation policy is proposed, when a program runs, there are many statement blocks, so long as the first instruction of the statement block is executed, all the statements behind the statement block are executed, the code is fused into a code block, and the code block is used as a basic block, and the basic block is used as a unit when instrumentation is performed, so that the preparation work in the early stage can be reduced, and the running efficiency of the program can be improved.
Examples
Referring to fig. 1, the present invention provides a technical solution: a structured fuzzy test method based on conversion test comprises the following steps:
s1, acquiring a program to be tested, and inputting the program to be tested into a test system;
s2, constructing a protocol test state machine according to a BGP-4 protocol, and attaching a protocol document description, wherein the BGP-4 protocol has six states;
s3, generating a guide sequence and a feature sequence by using a test state machine;
s4, selecting a state sequence;
s5, generating test cases by using a fuzzifier, wherein the types of the fuzzifier can be divided into a local fuzzifier and a remote fuzzifier;
s6, starting a program to be tested, inputting a test case command, and performing fuzzy test, wherein the fuzzy test is divided into a fuzzy test based on variation and a fuzzy test based on generation;
s7, generating a test case execution path, observing whether an error occurs in the running process of the program, wherein the creating method of the execution path is to insert piles in the source code of the program, and obtaining an execution path of the test case according to the execution result of the program, wherein all sentences of a plurality of sentence blocks are executed as long as the first instruction of the sentence block is executed;
s8, if a program error occurs, recording the test case, recording the program error position, and if no error occurs, continuing to execute the test case;
s9, when the test cases are executed, automatically checking whether other test cases are not executed, and if so, inputting the test cases into the S6 again for execution;
s10, after automatic inspection is finished, if the program runs normally and no error occurs, the program passes the test, otherwise, the program fails the test;
s11, storing and importing the input test cases in a database for quantitative analysis, wherein the database is provided with three tables, namely a code table, a case execution information table and an exception table, and the code table is mainly used for storing source codes of programs; the case execution information table is mainly used for storing various information of case execution, including test cases, execution paths, execution results and the like; the exception table mainly stores information in each register and stack of the CUP when the program is abnormal;
s12, analyzing the position of the error, and analyzing the suspicious degree of each statement in the error path by utilizing the powerful data processing capacity of the database.
In this embodiment, an automatic checking step is provided inside, so that the execution process of the test case can be self-checked, the occurrence of missed detection is avoided, the test accuracy is ensured, meanwhile, the method has the test case import and save process and the final error analysis process inside, and can effectively save all the executed test cases so as to provide a certain basis for error analysis, and the error analysis can analyze the suspicious degree of each statement in the error path, thereby judging specific error positions and reasons, being beneficial to program improvement, and ensuring that the method not only has a test effect but also has a certain detection effect and has powerful functions.
It should be noted that: examples 1 to 2:
in S2, the BGP-4 protocol has six states, idle, connect, active, openSent, openConfirm and Established respectively;
in S5, the local obfuscator command line parameters and environment variables are the two most basic ways to introduce variables into the program, so obfuscators for setup applications can be divided into two categories: command line parameter obfuscators and environment variable obfuscators. Yet another type of local obfuscator is a file format obfuscator. Many applications may experience anomalies in handling malformed files, which requires a file format obfuscator to participate in the monitoring. The browser fuzzifier is a special file format fuzzifier, and the fuzzifier is used for realizing automation of a fuzzification test process by utilizing the function of HTML (hypertext markup language), and a remote fuzzifier is used for testing objects of the remote fuzzifier, such as network-based application programs, for example, various server software. Such applications have long been the most important test object for fuzzy testing. The remote obfuscators mainly include a network protocol obfuscator and a Wcb application obfuscator. Network protocol obfuscators are divided into two categories: obfuscation with simple protocol as test object and obfuscation with complex protocol as test object. Wcb application obfuscators have become a popular way of accessing backend services, including web services such as email;
in S6, the ambiguity test has different ambiguities for different test targets, where the main classifications are:
environmental variables and parameters. The test object is mainly command line parameters and environment variables, and the main obfuscator is ifuzz;
web applications and servers. The fuzzers aiming at the existence of loopholes of the Web server comprise SPIKE and WebScarab developed by Dave Aitel;
file format. Aiming at a specific file format, the method is used for mining file analysis loopholes of a client, and main obfuscators are notSPIKEfile, SPIKEfile and FileFuzz;
network protocol. The variant or error-containing data packet is sent to the target program through a specific Socket form, and the corresponding fuzzers are SPIKE and ProtoFuzz;
in S12, the error position is analyzed, and the suspicious degree of each statement in the error path is analyzed by using the powerful data processing capability of the database, and the calculation formula is as follows:
wherein, TFi (S) passes through the test case number of statement S error (error type is i), TP (S) is the test case number of statement S passing through normally. The final result is a list of the suspicious degree of a series of sentences, wherein the suspicious degree is the largest and the possibility of error is the largest.
The foregoing is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art, who is within the scope of the present invention, should make equivalent substitutions or modifications according to the technical scheme of the present invention and the inventive concept thereof, and should be covered by the scope of the present invention.
Claims (7)
1. A structured fuzzy test method based on conversion test is characterized in that: the method comprises the following steps:
s1, acquiring a program to be tested, and inputting the program to be tested into a test system;
s2, constructing a protocol test state machine according to a BGP-4 protocol, and attaching a protocol document description, wherein the BGP-4 protocol has six states;
s3, generating a guide sequence and a characteristic sequence;
s4, selecting a state sequence;
s5, generating test cases by using a fuzzifier, wherein the types of the fuzzifier can be divided into a local fuzzifier and a remote fuzzifier;
s6, starting a program to be tested, inputting a test case command, and performing fuzzy test;
s7, generating a test case execution path, and observing whether an error occurs in the running process of the program;
s8, if a program error occurs, recording the test case, and if no error occurs, continuing to execute the test case;
s9, when the test case is executed, performing automatic inspection;
s10, after automatic inspection is finished, if the program runs normally and no error occurs, the program passes the test, otherwise, the program fails the test;
s11, storing and importing the input test cases in a database for quantitative analysis, wherein the database is provided with three tables, namely a code table, a case execution information table and an exception table, and the code table is mainly used for storing source codes of programs; the case execution information table is mainly used for storing various information of case execution, including test cases, execution paths and execution results; the exception table mainly stores information in each register and stack of the CUP when the program is abnormal;
s12, analyzing the position of the error.
2. The method according to claim 1, wherein in S3, the guiding sequence and the feature sequence are generated by using a test state machine.
3. The method for structured fuzzy testing based on conversion testing according to claim 1, wherein in S6, a program to be tested is started, a test case command is input, and fuzzy testing is performed, and the fuzzy testing is classified into a fuzzy testing based on variation and a fuzzy testing based on generation.
4. The method for structured fuzzy testing according to claim 1, wherein in S7, the creating method of the execution path is to insert piles in the source code of the program, obtain an execution path of a test case according to the execution result of the program, and observe whether an error occurs in the running process of the program if the first instruction of the statement block is executed and all the statements behind the first instruction are executed.
5. The method according to claim 1, wherein in S8, if a program error occurs, the test case is recorded, and the program error location is recorded, and if no error occurs, the test case is continuously executed.
6. The method for structured fuzzy testing based on conversion testing according to claim 1, wherein in S9, when the test case is executed, an automatic check is performed to check whether there are other test cases that have not been executed, and if so, the test case is input again to S6 for execution.
7. The method according to claim 1, wherein in S12, the error location is analyzed, and the suspicion of each statement in the error path is analyzed by using the powerful data processing capability of the database.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110371590.9A CN112905493B (en) | 2021-04-07 | 2021-04-07 | Structured fuzzy test method based on conversion test |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110371590.9A CN112905493B (en) | 2021-04-07 | 2021-04-07 | Structured fuzzy test method based on conversion test |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112905493A CN112905493A (en) | 2021-06-04 |
| CN112905493B true CN112905493B (en) | 2023-07-18 |
Family
ID=76109962
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110371590.9A Active CN112905493B (en) | 2021-04-07 | 2021-04-07 | Structured fuzzy test method based on conversion test |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112905493B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116501604B (en) * | 2023-03-07 | 2023-10-10 | 开元华创科技(集团)有限公司 | JAVA-based language code quality fuzzy test system and method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104796240A (en) * | 2015-04-30 | 2015-07-22 | 北京理工大学 | Fuzz testing system for stateful network protocol |
| CN109885479A (en) * | 2019-01-07 | 2019-06-14 | 中国人民解放军战略支援部队信息工程大学 | Software obfuscation test method and device based on path record truncation |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103853650B (en) * | 2012-11-28 | 2017-03-01 | 西门子公司 | A kind of method for generating test case of fuzz testing and device |
| CN105095075B (en) * | 2015-07-16 | 2017-12-08 | 北京理工大学 | Partly legalized fuzz testing case generation method based on finite state machine procotol |
| CN111309586A (en) * | 2018-12-12 | 2020-06-19 | 迈普通信技术股份有限公司 | Command testing method, device and storage medium thereof |
| CN111274129A (en) * | 2020-01-16 | 2020-06-12 | 浙江理工大学 | Program error positioning method based on dynamic program failure execution block |
| CN111428247B (en) * | 2020-04-23 | 2023-04-04 | 南京大学 | Method for improving computer leak library |
| CN112579472B (en) * | 2020-12-30 | 2024-04-16 | 锐捷网络股份有限公司 | Automatic generation method and device for test cases |
-
2021
- 2021-04-07 CN CN202110371590.9A patent/CN112905493B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104796240A (en) * | 2015-04-30 | 2015-07-22 | 北京理工大学 | Fuzz testing system for stateful network protocol |
| CN109885479A (en) * | 2019-01-07 | 2019-06-14 | 中国人民解放军战略支援部队信息工程大学 | Software obfuscation test method and device based on path record truncation |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112905493A (en) | 2021-06-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Tappler et al. | Model-based testing IoT communication via active automata learning | |
| Roest et al. | Regression testing ajax applications: Coping with dynamism | |
| CN105763392A (en) | Industrial control protocol fuzzing test method based on protocol state | |
| Soetens et al. | Change-based test selection in the presence of developer tests | |
| Wang et al. | Ietcr: An information entropy based test case reduction strategy for mutation-based fault localization | |
| Schipper et al. | Tracing back log data to its log statement: from research to practice | |
| CN109936479A (en) | Control plane failure diagnostic system and its implementation based on Differential Detection | |
| CN108337266A (en) | A kind of efficient protocol client vulnerability mining method and system | |
| CN112905493B (en) | Structured fuzzy test method based on conversion test | |
| CN112817853A (en) | Automatic test method, system and electronic equipment | |
| Schrettner et al. | Impact analysis in the presence of dependence clusters using Static Execute After in WebKit | |
| CN111124937B (en) | Method and system for assisting in improving test case generation efficiency based on instrumentation function | |
| Zhao et al. | Fault centrality: boosting spectrum-based fault localization via local influence calculation | |
| CN112527619A (en) | Analysis link calling method and system based on directed acyclic graph structure | |
| Burrows et al. | Coupling metrics for aspect-oriented programming: A systematic review of maintainability studies | |
| He et al. | Using software dependency to bug prediction | |
| CN113157551B (en) | ROS-oriented differential fuzzy test method | |
| CN113626288A (en) | Fault processing method, system, device, storage medium and electronic equipment | |
| Antal et al. | Is JavaScript Call Graph Extraction Solved Yet? A Comparative Study of Static and Dynamic Tools | |
| Mondal et al. | Investigating the relationship between evolutionary coupling and software bug-proneness | |
| CN109522206B (en) | Abnormal data positioning method, device, computer equipment and storage medium | |
| Vandercammen et al. | Prioritising Server Side Reachability via Inter-process Concolic Testing | |
| Truong et al. | Characterizing incidents in cloud-based iot data analytics | |
| CN111459808A (en) | Type inference-based guided test case variation method | |
| CN112311679A (en) | State detection method and device, electronic equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |